Attorney Docket No. 784-51 (SI-19122-US) 
AMENDMENTS TO THE CLAIMS 



1. (Previously Presented) A method for allocating a plurality of encryption keys 
according to a plurality of access authorization classes, said method comprising the steps of: 

setting an access authorization to at least one access point in advance; 

when a wireless station requests said at least one access point to perform initial 
authentication, differentiating said encryption keys according to a plurality of access 
authorization types; and 

obtaining by at least one wireless station the differentiated encryption keys in advance. 

2. (Original) The method of claim 1, wherein the access authorization types include 
a class 1 that indicates access authorization to an access point to which the wireless 

station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 

3. (Original) The method of claim 1, further comprising a step of 

a wireless station desiring to communicate with an access point selecting from the 
plurality of encryption keys an encryption key corresponding to the access authorization to the 
access point and communicates data with the access point, wherein the wireless station has a 
plurality of encryption keys corresponding to access authorization types. 

4. (Previously Presented) The method of claim 1, wherein the differentiating encryption 
keys step further comprises: 

(a) determining access authorization to an access point when the access point is requested 
to perform initial authentication by said wireless station; 
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(b) obtaining an encryption key and generating a shared key set including the obtained 

encryption keys in accordance with the determination result of step (a); 

(c) determining access authorization to an access point belonging to a LAN by a LAN 
authentication server which is requested to perform initial authentication by the wireless station; 

(d) obtaining an encryption key and updating the shared key set by adding the encryption 
key to the shared key set in accordance with the determination result of step (c); 

(e) determining access authorization to an access point belonging to a WAN by a WAN 
authentication server which is requested to perform initial authentication by the wireless station; 
and 

(f) obtaining an encryption key and updating the shared key set by adding the encryption 
key to the shared key set in accordance with the determination result of step (e). 

5. (Original) The method of claim 4, wherein step (a) further comprises a step of the 
wireless station requesting an access point to perform authentication, and the access point which 
is requested to perform authentication determining whether or not access authorization to the 
access point corresponds to a class 1, said class 1 indicating access authorization to an access 
point to which the wireless station is assigned. 

6. (Original) The method of claim 4, wherein step (c) further comprises the steps of: 

(cl) the LAN authentication server determining whether or not the access authorization to 
the access point corresponds to a class 2, said class 2 indicating access authorization to 
predetermined access points included in a LAN to which the wireless station belongs to; 

(c2) if a determination result of step (cl) indicates that the access authorization 
corresponds to said class 2, obtaining an encryption key of class 2, and determining whether or 
not the access authorization corresponds to a class 3, said class3 indicating access authorization 
to all access points included in the LAN to which the wireless station belongs to; and 

(c3) if a determination result of step (c2) indicates that the access authorization 
corresponds to said class 3, obtaining an encryption key of class 3* 

7. (Original) The method of claim 6, wherein step (c2) further comprises the steps of: 
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allocating a null encryption key if the determination result of step (cl) indicates that the 

access authorization does not correspond to said class 2; 

determining whether the access authorization corresponds to class 3; and 
allocating a null encryption key if a determination result indicates that the access 

authorization does not correspond to class 3. 

8. (Previously Presented) A roaming method for a wireless station using a plurality of 
encryption keys allocated according to a plurality of access authorization classes, said method 
comprising the steps of: 

(a) setting an access authorization to an access point in advance, when a wireless station 
requests said access point to perform initial authentication differentiating said plurality of 
encryption keys according to a plurality of access authorization types and 

said wireless station obtaining in advance an encryption key set including the 
differentiated plurality of encryption keys for respective access points; 

(b) receiving a command to communicate with an access point not available for 
communication using an encryption key currently selected in the encryption key set; 

(c) determining an access authorization to the access point not available for 
communications; 

(d) selecting an encryption key from the encryption key set obtained in advance 
corresponding to the determined access authorization; and 

(e) using the selected encryption key to encrypt a transmission message and communicate 
with the access point not available for communication* 

9. (Original) The method of claim 8, wherein the access authorization types of the 
encryption key set include 

a class 1 that indicates access authorization to an access point to which the wireless 
station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 
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a class 3 that indicates access authorization to all access points included in the LAN to 

which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 

area network (WAN). 

10. (Currently Amended) A computer readable storage m edium having embodied 
thereon a program of instructions executable by a computer for performing the method of claim 
4. 

11. (Currently Amended) A computer readable storage medium having embodied thereon 
a program of instructions executable by a computer for the method of claim 8. 

12. (Original) An apparatus for allocating a plurality of encryption keys according to a 
plurality of access authorization classes, comprising: 

an access authorization determining unit for determining an access authorization class for 
communication between a wireless station from a plurality of wireless stations and an access 
point from a plurality of access points; 

an encryption key storing unit which stores said plurality of encryption keys according to 
said access authorization classes; and 

an encryption key allocation unit which reads an encryption key from the encryption key 
storing unit corresponding to a determination result of the access authorization determining unit 
and transfers a value of said encryption key to the wireless station. 

13. (Original) The apparatus of claim 12, wherein the access authorization classes include 
a class 1 that indicates access authorization to an access point to which the wireless 

station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 
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a class 4 that indicates access authorization to multiple access points included in a wide 

area network (WAN). 

14. (Currently Amended) A computer readable storage m edium storing instructions 
which, when executed causes execution of a program implementing a structure of a wireless data 
packet us e d for allocating e ncryption keys according to access authorization classes in a wireless 
network that comprises a wireless station and an access point, the structure comprising: 

a header of said data packet transmitted through the wireless network; 

an access authorization information storing field, which indicates access authorization for 
communication between the wireless station and the access poin t, the access authorization 
information being used for allocating encryption keys according to access authorization classes : 

an encrypted data field in which data contents to be transmitted are encrypted and stored; 

and 

an error correction field, which is used to correct data error. 

15. (Currently Amended) The computer readable storage medium of claim 14, wherein 
the access authorization information storing field comprises two bits and through possible 
combinations of the two bits, stores 

a class 1 that indicates access authorization to an access point to which the wireless 
station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 
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